Quantifying the Mission Impact of Network-Level Cyber Defensive Mitigations
Journal Article - Open Access
MIT Lincoln Laboratory Lexington United States
Modern missions of government and private organizations rely on computer networks to operate. As evidenced by several well-publicized cyber breaches, these missions are under attack. Several cyber defensive measures have been proposed to mitigate this threat; some are meant to protect individual hosts on the network, and others are designed to protect the network at large. From a qualitative perspective, these mitigations seem to improve security, but there is no quantitative assessment of their effectiveness with respect to a complete network system and a cyber-supported mission for which the network exists. The purpose of this paper is to examine network-level cyber defensive mitigations and quantify their impact on network security and mission performance. Testing such mitigations in a live network environment is generally not possible due to the expense, and thus a modeling and simulation approach is utilized. Our approach employs a modularized hierarchical simulation framework to model a complete cyber system and its relevant dynamics at multiple scales. We conduct experiments that test the effectiveness of network-level mitigations from the perspectives of security and mission performance. Additionally, we introduce a novel, unified metric for mitigation effectiveness that takes into account both of these perspectives and provides a single measurement that is convenient and easily accessible to security practitioners.
- Computer Systems Management and Standards